Public Administration (NAICS 92)
Please provide the information below to view the online Verizon Data Breach Investigations Report.
Thank you.
You will soon receive an email with a link to confirm your access, or follow the link below.
Thank you.
You may now close this message and continue to your article.
- 2024
- Summary of Findings
- Introduction
- Helpful Guidance
- Results and Analysis - Introduction
- Incident Classification - Introduction
- Industries - Introduction
- Accommodation and Food Services Data Breaches
- Educational Services
- Financial and Insurance Services
- Healthcare Data Breaches
- Information Industry Data Breaches
- Data Breaches in Manufacturing Industries
- Professional Services Data Breaches
- Public Administration Data Breaches
- Retail Data Breaches and Security
- Introduction to Regions
- Wrap Up
- Appendix
- Corrections
- Download the full report (PDF)
Frequency |
12,217 incidents, 1,085 with confirmed data disclosure |
|
Top patterns |
Miscellaneous Errors, System Intrusion and Social Engineering represent 78% of breaches |
|
Threat actors |
Internal (59%), External (41%) (breaches) |
|
Actor motives |
Financial (71%), Espionage (29%) (breaches) |
|
Data compromised |
Personal (72%), Internal (37%), Other (31%), Credentials (17%) (breaches) |
|
What is the same? |
System Intrusion and Social Engineering remain top attack patterns in this sector. |
Summary
Miscellaneous Errors, particularly Misdelivery, have surged to the top spot in this industry, reflecting the commonality of mistakes leading to breaches. System Intrusion now ranks second, followed by Social Engineering. The predominance of internal actors underscores the potential consequences of employee carelessness, with Errors accounting for the majority of breaches.
Owning up to your mistakes in public
Due to some of our new data contributors reporting on mandatory breach disclosures, there was an ascendency of the Miscellaneous Errors attack pattern to the top spot in this industry (Figure 70).96 The most common error in Public Administration was Misdelivery, where information (in whatever form) is delivered to the wrong recipient. While this happens frequently via email, it is also quite common with printed documents and, strangely, faxes. The Lost and Stolen Assets pattern (in second place last year) is no longer among the top three in spite of a rather impressive showing by Loss.
Actions speak louder than campaign promises.
Just as we see in the other verticals, System Intrusion and Social Engineering incidents remain commonplace and account for the next two patterns in this industry, respectively. While hacking only appeared in 31% of Public Sector breaches, it is clear that threat actors are still voting for the Use of stolen creds, which were involved in 83% of hacking-related breaches, mostly against web applications.
Malware figured in 27% of Public Sector breaches this year. Not unlike many other verticals, Ransomware was top of the heap with regard to malware varieties and accounted for 61% of malware-related breaches. Backdoors appeared in 38% of breaches involving malware, after which we saw a tight pack of several varieties jockeying for the third-place spot as illustrated in Figure 71.
The Social Engineering attacks we saw in Public Administration were mostly garden-variety Phishing (66% of breaches) and Pretexting (23%) attacks. No less concerning, but not really noteworthy in relation to the other findings.
Actors behaving badly
The fact that Internal actors are the top threat this year underlines the fact that even the most well-meaning employees can trigger a data breach simply by being careless. For all actors, Error actions accounted for 51% of the cases, while malicious internal actors only accounted for 8%. Figure 72 is an illustration of how the road to breaches is paved with good intentions.
If we set aside the error-related breaches and the End-users who cause them, the most common external actors in this vertical were Organized crime (largely Ransomware attacks) at 67% and State-affiliated actors (29%) (Figure 73). And while we saw very little change in Espionage threat actors, we did see a slight uptick in financially motivated attacks.
96 We discuss in the “Results and analysis – Actors” section how mandatory breach reporting helps everyone understand the truer prevalence of breach causes.